package com.gitblit.auth;

import com.gitblit.Constants;
import com.gitblit.Keys;
import com.gitblit.models.TeamModel;
import com.gitblit.models.UserModel;
import com.gitblit.utils.StringUtils;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/gitblit/auth/HttpHeaderAuthProvider.class */
public class HttpHeaderAuthProvider extends AuthenticationProvider {
    protected final Logger logger;
    protected String userHeaderName;
    protected String teamHeaderName;
    protected String teamHeaderSeparator;

    public HttpHeaderAuthProvider() {
        super("httpheader");
        this.logger = LoggerFactory.getLogger(getClass());
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public void setup() {
        this.userHeaderName = this.settings.getString(Keys.realm.httpheader.userheader, null);
        this.teamHeaderName = this.settings.getString(Keys.realm.httpheader.teamheader, null);
        this.teamHeaderSeparator = this.settings.getString(Keys.realm.httpheader.teamseparator, ",");
        if (StringUtils.isEmpty(this.userHeaderName)) {
            this.logger.warn("HTTP Header authentication is enabled, but no header is not defined in realm.httpheader.userheader");
        }
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public void stop() {
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public UserModel authenticate(HttpServletRequest httpServletRequest) {
        if (StringUtils.isEmpty(this.userHeaderName)) {
            return null;
        }
        String header = httpServletRequest.getHeader(this.userHeaderName);
        if (StringUtils.isEmpty(header) || this.userManager.isInternalAccount(header)) {
            return null;
        }
        HashSet hashSet = new HashSet();
        if (!StringUtils.isEmpty(this.teamHeaderName)) {
            String header2 = httpServletRequest.getHeader(this.teamHeaderName);
            if (!StringUtils.isEmpty(header2)) {
                for (String str : header2.split(this.teamHeaderSeparator)) {
                    String trim = str.trim();
                    if (!StringUtils.isEmpty(trim)) {
                        TeamModel teamModel = this.userManager.getTeamModel(trim);
                        if (null == teamModel) {
                            teamModel = new TeamModel(trim);
                            teamModel.accountType = Constants.AccountType.HTTPHEADER;
                            updateTeam(teamModel);
                        }
                        hashSet.add(teamModel);
                    }
                }
            }
        }
        UserModel userModel = this.userManager.getUserModel(header);
        if (userModel != null) {
            if (!StringUtils.isEmpty(this.teamHeaderName)) {
                userModel.teams.clear();
                userModel.teams.addAll(hashSet);
            }
            updateUser(userModel);
            return userModel;
        }
        if (!this.settings.getBoolean(Keys.realm.httpheader.autoCreateAccounts, false)) {
            return null;
        }
        UserModel userModel2 = new UserModel(header.toLowerCase());
        userModel2.displayName = header;
        userModel2.password = Constants.EXTERNAL_ACCOUNT;
        userModel2.accountType = Constants.AccountType.HTTPHEADER;
        userModel2.teams.addAll(hashSet);
        updateUser(userModel2);
        return userModel2;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public UserModel authenticate(String str, char[] cArr) {
        return null;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public Constants.AccountType getAccountType() {
        return Constants.AccountType.HTTPHEADER;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public Constants.AuthenticationType getAuthenticationType() {
        return Constants.AuthenticationType.HTTPHEADER;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsCredentialChanges() {
        return false;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsDisplayNameChanges() {
        return false;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsEmailAddressChanges() {
        return false;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsTeamMembershipChanges() {
        return StringUtils.isEmpty(this.teamHeaderName);
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsRoleChanges(UserModel userModel, Constants.Role role) {
        return true;
    }

    @Override // com.gitblit.auth.AuthenticationProvider
    public boolean supportsRoleChanges(TeamModel teamModel, Constants.Role role) {
        return true;
    }
}
